bpanel-whitelist v0.0.1
bPanel Whitelist
This plugin utilizes bPanel's backend plugin system to enable whitelisting for backend endpoints. This adds additional security for your bPanel server ontop of the available by default blacklisting.
If whitelisting is enabled, then any endpoints that don't match the criteria
will be blocked with a 403 response sent back to any client that made the request.
Installation
With bpanel-cli:
$ bpanel-cli i bpanel-whitelistUsage
Once enabled, you can add whitelisted endpoints the same way as blacklisting, via the bcfg interface.
The whitelist configuration supports an array of strings, of regular expressions
or of objects with method, path, and optionally body parameters.
For strings and regular expressions, these can be set at runtime via the cli, otherwise
the whitelist can be set in your bpanel's config.js.
NOTE: The whitelist only applies to requests made to a node via the clients endpoints.
EXAMPLE: This will only allow calls to your node for the wallets, getting node info, and rpc calls to get peer info and get blocks (e.g. for recent blocks and and the peers widget). This will, for example, block a request to stop your node.
module.exports = {
plugins: ['bpanel-whitelist'],
whitelist: [
{
method: 'ALL',
path: 'wallet',
},
{
method: 'GET',
path: 'node',
},
{
method: 'POST',
path: 'node',
body: {
method: /getpeer\w+|(getblock)\w+/,
},
},
],
};whitelist-enabled
There is an optional config to enable/disable the whitelist. It will automatically
be disabled if there is no whitelist config. If this is set to false, then
all non-blacklisted endpoints will be re-enabled.
Debug mode
If you are having problem with another plugin and want to see if a particular endpoint
needs to be whitelisted, you can set log-level to debug mode. This will log out
any requests that are being blocked so that you can add them to your whitelist if
desired.
5 years ago